[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Active Directory stuttering

  • Subject: Re: [Openvpn-users] Active Directory stuttering
  • From: Les Mikesell <lesmikesell@xxxxxxxxx>
  • Date: Thu, 01 Nov 2007 10:09:59 -0500

Jeff - wrote:
>> Oh dear :( We already use all three of those... DNS + WINS addresses are
>> pushed down at connect time.. ipconfig on the clients confirms it and I
>> can see traffic back and forth.
>> Routing is also OK - the AD server gets direct routed connectivity to
>> the 10.0.2.X 'VPN subnet' - no masq/NAT or firewall :(
>> Cheers,
>> Gavin.
> I've been having the same problem for months and I have had no luck finding a solution.
> I can connect no problem and transfer, however it always seems to timeout and the connection will reset.  It will reset every few minutes making the system unusable.  I'm currently using tun mode, however it's on my list to switch over to tap mode to see if that will work better.
> I have played with the MTU and mssfix settings with little success.  If you figure something out please share!!

Did you change the MTU on the actual end point hosts (where the first 
choice is negotiated) or just with the openvpn settings?  If there are 
intermediate routers and you didn't adjust the end points, MTU discovery 
has to work between the openvpn links and the end points - and for that, 
ICMP traffic must be permitted and all interfaces addresses that might 
source an ICMP have to be routable to the end points.

   Les Mikesell

Openvpn-users mailing list